Total
261 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-5613 | 1 Freebsd | 1 Freebsd | 2020-03-05 | 7.5 HIGH | 9.8 CRITICAL |
In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in the ipsec packet processor allows reinjection of an old packet to be accepted by the ipsec endpoint. Depending on the higher-level protocol in use over ipsec, this could allow an action to be repeated. | |||||
CVE-2020-3174 | 1 Cisco | 80 Mds 9132t, Mds 9148s, Mds 9148t and 77 more | 2020-03-03 | 3.3 LOW | 4.7 MEDIUM |
A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper validation of a received gratuitous ARP (GARP) request. An attacker could exploit this vulnerability by sending a malicious GARP packet on the local subnet to cause the ARP table on the device to become corrupted. A successful exploit could allow the attacker to populate the ARP table with incorrect entries, which could lead to traffic disruptions. | |||||
CVE-2019-17228 | 1 Stylemixthemes | 1 Motors - Car Dealer\, Classifieds \& Listing | 2020-02-26 | 6.4 MEDIUM | 6.5 MEDIUM |
includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes. | |||||
CVE-2019-15613 | 1 Nextcloud | 1 Server | 2020-02-15 | 6.0 MEDIUM | 8.0 HIGH |
A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes. | |||||
CVE-2016-4554 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2019-12-27 | 5.0 MEDIUM | 8.6 HIGH |
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue. | |||||
CVE-2016-4553 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2019-12-27 | 5.0 MEDIUM | 8.6 HIGH |
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request. | |||||
CVE-2019-5291 | 1 Huawei | 36 Ar120-s, Ar120-s Firmware, Ar1200 and 33 more | 2019-12-19 | 4.3 MEDIUM | 5.9 MEDIUM |
Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. | |||||
CVE-2015-7539 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2019-12-17 | 7.6 HIGH | 7.5 HIGH |
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin. | |||||
CVE-2017-12972 | 1 Connect2id | 1 Nimbus Jose\+jwt | 2019-11-15 | 5.0 MEDIUM | 7.5 HIGH |
In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for the same HMAC. | |||||
CVE-2019-5246 | 1 Huawei | 2 Elle-al00b, Elle-al00b Firmware | 2019-11-15 | 4.6 MEDIUM | 6.2 MEDIUM |
Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution. | |||||
CVE-2019-5229 | 1 Huawei | 2 P30, P30 Firmware | 2019-11-14 | 4.6 MEDIUM | 6.2 MEDIUM |
P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack, successful exploit could cause malicious code execution. | |||||
CVE-2019-8112 | 1 Magento | 1 Magento | 2019-11-08 | 5.0 MEDIUM | 7.5 HIGH |
A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can bypass the email confirmation mechanism via GET request that captures relevant account data obtained from the POST response related to new user creation. | |||||
CVE-2019-15162 | 2 Opengroup, Tcpdump | 2 Unix, Libpcap | 2019-10-26 | 5.0 MEDIUM | 5.3 MEDIUM |
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. | |||||
CVE-2019-1880 | 1 Cisco | 8 Unified Computing System C125 M5, Unified Computing System C220 M4, Unified Computing System C220 M5 and 5 more | 2019-10-09 | 2.1 LOW | 4.4 MEDIUM |
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An attacker could exploit this vulnerability by executing the BIOS upgrade utility with a specific set of options. A successful exploit could allow the attacker to bypass the firmware signature-verification process and install compromised BIOS firmware on an affected device. | |||||
CVE-2019-1932 | 2 Cisco, Microsoft | 2 Advanced Malware Protection For Endpoints, Windows | 2019-10-09 | 7.2 HIGH | 6.7 MEDIUM |
A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow an authenticated, local attacker with administrator privileges to execute arbitrary code. The vulnerability is due to insufficient validation of dynamically loaded modules. An attacker could exploit this vulnerability by placing a file in a specific location in the Windows filesystem. A successful exploit could allow the attacker to execute the code with the privileges of the AMP service. | |||||
CVE-2019-12620 | 1 Cisco | 10 Hyperflex Hx220c Af M5, Hyperflex Hx220c Af M5 Firmware, Hyperflex Hx220c Edge M5 and 7 more | 2019-10-09 | 5.0 MEDIUM | 5.3 MEDIUM |
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could exploit this vulnerability by sending properly formatted data values to the statistics collection service of an affected device. A successful exploit could allow the attacker to cause the web interface statistics view to present invalid data to users. | |||||
CVE-2018-10626 | 1 Medtronic | 4 Mycarelink 24950 Patient Monitor, Mycarelink 24950 Patient Monitor Firmware, Mycarelink 24952 Patient Monitor and 1 more | 2019-10-09 | 3.8 LOW | 4.4 MEDIUM |
A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected product's update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network. | |||||
CVE-2017-3224 | 3 Quagga, Redhat, Suse | 4 Quagga, Package Manager, Opensuse and 1 more | 2019-10-09 | 4.3 MEDIUM | 8.2 HIGH |
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages). | |||||
CVE-2017-3219 | 1 Acronis | 1 True Image | 2019-10-09 | 8.3 HIGH | 8.8 HIGH |
Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash. | |||||
CVE-2017-3218 | 1 Samsung | 1 Magician | 2019-10-09 | 8.3 HIGH | 8.8 HIGH |
Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software updates. |